Virtual Patching
for Website
Vulnerabilities

Hi everybody. My name is John Booker, I am a sales manager here at Sucuri and I’ve been here for five years. I run the front end sales team. 

We’re the folks you speak to when you come to chat, phone and email us. Today we’re gonna discuss virtual patching for website vulnerabilities. 

All software has bugs, but some bugs can lead to serious security. Vulnerabilities that can impact your website and traffic vulnerabilities can be especially dangerous when your software is running over the web since anyone can reach out and attack it. 

That’s why keeping your website up to date with the latest patches and security updates is so very, very important. The reality is there’s no shortage of websites running outdated WordPress, Joomla or Magentosoftware. 

There are also plenty of websites using plug-ins themes and other extensible components with known vulnerabilities, all of which give Attackers the opportunity to exploit and affect the website or harvest sensitive customer information. 

The number one excuse we hear from clients for keeping these website applications outdated is that their website will break. Some common justifications for not patching and updating website software include “my theme was heavily modified, so I can’t update it”. Or, “I’m afraid it will break some functionality if I update this plug in”, or “I modified some of my core files and so now I’m stuck”. Or even “My web developer left us and nobody knows how this piece of code works.” And honestly they’re all viable excuses. 

And that’s why we’re discussing virtual patching today. If you’re in a situation where you can’t update your website software, then the list of known plug and vulnerabilities probably scare you. 

But in this webinar we’ll highlight some of the ways we can mitigate risk and virtually patch known vulnerabilities on your site. 

So, we’re gonna go over six topics today. What is virtual patching? What happens to unpatched websites? How does virtual patching work? 

What what’s an example of virtual patching? Along with some virtual patching solutions and key takeaways about patching software vulnerabilities.

So let’s start with what is virtual patching? Virtual patching is defined as a security policy enforcement layer, which prevents the exploitation of known vulnerabilities. 

The virtual patch works since the security enforcement layer analyzes transactions and intercepts attacks in transit, this means malicious traffic never reaches the web application. 

The resulting impact of virtual patch is that while the actual source code of the application itself has not been modified, the exploitation attempt does not succeed. 

Virtual patching helps websites that are outdated to be protected from attacks by preventing exploitations of vulnerabilities on the fly. It basically fills the security holes up until it’s time to patch. 

This is usually done by a web application firewall. As you can see on the diagram here, on the screen, I relate a lot of things to sports and football and there’s different layers of defense on the football field and once someone gets past the first level, typically there’s another level that is there. 

The linebackers are there to plug up any of the holes that may be left by the defensive line. In some ways though, that is exactly what virtual patching is. 

You don’t want your linebackers to have to fill those holes all the time. But if there’s an emergency there, take care of it. So that’s kind of how I look at virtual patching. 

Next is what happens to unpatched websites. When the website contains unpatched security vulnerabilities, it could put not just your website but also your visitors and customers’ data at risk. 

Alright, as seen in our latest malware trend report, automated attacks targeting known software vulnerabilities are one of the leading causes of compromise and infection. 

Hackers regularly scan websites big and small for any known vulnerabilities. They often use automated scripts to help identify targets and exploit vulnerable websites. 

Some attacks rely on single access points to inject malicious content into the vulnerable environment, but privilege escalation can also occur. And once a foothold has been established, the attacker can deploy other tools which can lead to full website takeover, stolen data, website backdoors, SEO spam, phishing, and other malware. 

Another recent report revealed that unpatched vulnerabilities are one of the most prominent attack vectors actively exploited by ransomware groups. 

Furthermore, 37% of vulnerabilities were actively and repeatedly exploited by bad actors. This data clearly highlights the importance of patching your website to protect against the threat of disturbing ransomware. 

Now you can look at the diagram here again, back to football, sports, that’s kind of, my thing, but I look at a website like a quarterback and what they say, protect your quarterback at all times and you want to protect your website at all times. 

And virtual patching allows you to do that. If you don’t, you see what happens to the quarterback, that’s, what will happen to your website, which we don’t want. 

Next topic is, how does virtual patching work? So when a website patches their software, they upgrade to the latest, most secure version and in the process, patch any security issues and known vulnerabilities. 

But when the site isn’t able to patch in time, Virtual Patching can help close those security holes through the use of a web application, firewall or intrusion detection system. 

These services employ security policies or rules that focus on preventing exploits and vulnerabilities at the network level before they reach a website, Virtual Patching can help address the following scenarios, prevents the risk of attacks against known website vulnerabilities and the core CMS, plug ins themes and other extensible software removes the risk of software conflicts, since website code has not changed, prevents downtime and financial losses due the website being taken offline from malware reduces the risk of sensitive data exposure, reduces cost of time or money spent to patch during the emergency and mitigates risk of impact from your websites reputation. 

Virtual patching is especially crucial for securing your website’s customer data and purchase process in the event your website software contains vulnerabilities. You’ll have ample time to update the patch for your components and protect your traffic and revenue. 

Again, if you look over at the picture there with the flat tire, I look at it, a virtual patch is a quick fix. 

Get your car back on the road. The car being the website obviously, flat tire, you fill the spare on there and you keep going. But what you are gonna do is you’re gonna go and you’re gonna fix either fix the tire or buy a new tire and get back on the road, with the right size tire, but the spare tire is gonna help you get to where you need to go in order to fix it. 

And that’s how I look at virtual patching. Virtual patching will allow you the time to update your site and fix whatever you need to fix, without having to worry about being exploited. 

The next topic is, what’s an example of virtual patching. One common example of virtual patching employed by our firewall is preventing known exploits as attackers launch large scale attacks against severe vulnerabilities. Security companies deploy patches to prevent these exploits from working, and this ensures the website is not impacted by an attack. 

You can see there in the picture the security firewall access denied. We’ll show you what the block is and what we did to make sure that you were protected. When an attacker tries making a malicious request to a web site, the firewall blocks the request. 

This prevents it from reaching and damaging the website. Virtual patching solutions to assist our customers with proactive security measures. 

We built our web application firewall (or WAF) plus intrusion detection system. Our I. D. S. The security firewall. 

It’s an in the middle proxy that sits between your website and the internet allowing us to filter and block attacks before they reach your website. Our firewall patches known vulnerabilities and adds multiple layers of hardening along with log analysis to prevent websites from being attacked and infected with malware and reinfected. 

So let’s talk about some key takeaways about patching software vulnerabilities. 

Vulnerabilities can lead to website malware and compromise customer information. It’s essential to patch your website software as soon as possible. However, it’s not always possible unless the website leverages virtual patching. 

Virtual patching makes it easy to temporarily prevent hackers from exploiting known software vulnerabilities until a patch is properly applied to the software. 

I appreciate you guys spending time with me and learning a little bit more about virtual patching. Like I said, I run the front end core sales team, so please reach out to us. Come to our website, click the chat icon, reach out to one of the folks on the front end and ask whatever questions you may have about our firewall. 

We’re here, night and day 24/7 to answer whatever questions you have for us. Again, I appreciate your time, I want to say thank you and look forward to hearing from you.